graphgrc

SCF - MON-03 - Content of Event Logs

Mechanisms exist to configure systems to produce event logs that contain sufficient information to, at a minimum:

• Establish what type of event occurred;
• When (date and time) the event occurred;
• Where the event occurred;
• The source of the event;
• The outcome (success or failure) of the event; and
• The identity of any user/subject associated with the event.

  Mapped framework controls

  ISO 27002

• A.8.15

NIST 800-53

• AU-3

SOC 2

• PI1.4

Control questions

Does the organization configure systems to produce event logs that contain sufficient information to, at a minimum:

• Establish what type of event occurred;
• When (date and time) the event occurred;
• Where the event occurred;
• The source of the event;
• The outcome (success or failure) of the event; and
• The identity of any user/subject associated with the event?

This site is open source. Improve this page.